Legal claims defining the scope of protection, as filed with the USPTO.
1. A system for hosting network services, comprising: a network switch configured to provide at least a first virtual switch having an associated first virtual device context (VDC), wherein the first virtual switch is assigned a first set of physical ports of the network switch and wherein the first virtual switch is defined by a first VDC configuration; and a service node that processes network traffic forwarded by the first virtual switch, wherein the service node includes at least a first port connecting the service node to one of the first set of physical ports associated with the first virtual switch, wherein the service node is configured to process the network traffic forwarded by the first virtual switch based on the first VDC associated with the first virtual switch and wherein the first VDC configuration provides a shared configuration for the first virtual switch and the service node for processing the network traffic forwarded to the service node by the first virtual switch.
2. The system of claim 1, further comprising: a management application, wherein the management application specifies the first VDC configuration for the first virtual switch and the service node.
3. The system of claim 2, wherein the management application is configured to notify the service node when the VDC is created, deleted, suspended, or restarted.
4. The system of claim 1, wherein the service node hosts at least one of a firewall and a load-balancer.
5. The system of claim 1, wherein the service node hosts one or more virtual machines (VMs), and wherein at least one of the VMs is configured as part of the first VDC.
6. The system of claim 5, wherein the network switch stores an access control list (ACL), and wherein the service node further includes an ACL, and wherein the ACL of the service node is configured based on the first VDC associated with the first virtual switch.
7. The system of claim 5, wherein configuring the at least one of the VMs as part of the first VDC comprises mapping the at least one VM to the first VDC in the first VDC configuration shared by the first virtual switch and the service node.
8. The system of claim 1, wherein the service node hosts one or more device contexts and wherein at least one device context is configured as part of the first VDC, wherein the configuring comprises mapping the at least one device context to the first VDC in the first VDC configuration shared by the first virtual switch and the service node.
9. The system of claim 1, wherein the network switch further includes: a second virtual switch having an associated second VDC, a second VDC configuration and a second set of physical ports assigned to the second virtual switch, wherein the first port on the service node connects the service node to one of the second set of physical ports of the network switch, wherein the service node is configured to process the network traffic forwarded by the second virtual switch based on the second VDC, and wherein the second VDC configuration provides a shared configuration for the second virtual switch and the service node for processing the network traffic forwarded to the service node by the second virtual switch.
10. The system of claim 9, wherein the service node is configured to identify incoming network traffic as forwarded by the first virtual switch or the second virtual switch of the network switch based on a port-VDC index.
11. The system of claim 10, wherein the service node is configured to process the network traffic based on the first VDC or the second VDC based on the identification of the network traffic as forwarded by the first virtual switch or the second virtual switch.
12. The system of claim 10, wherein the service node is configured to prevent network traffic to flow between the first VDC and the second VDC via traffic forwarded to the service node for processing.
13. The system of claim 10, wherein the service node is configured to allow network traffic to flow between the first VDC and the second VDC via traffic forwarded to the service node for processing.
14. The system of claim 13, wherein the first VDC is associated with a first device context and the second VDC is associated with a second device context, and wherein allowing network traffic to flow between the first VDC and the second VDC comprises switching between the first device context associated with the first VDC and the second device context associated with the second VDC via a shared interface between the first VDC and the second VDC.
15. A method of configuring a system for hosting network services, comprising: providing a network switch having a first virtual switch, wherein the first virtual switch includes a first set of physical ports assigned to the first virtual switch; providing a service node that processes network traffic forwarded from the first virtual switch, wherein the service node has a first port connecting the service node to one of the first set of physical ports assigned to the first virtual switch; and configuring a first virtual device context (VDC) on the network switch and the service node, wherein the service node is configured to process the network traffic forwarded by the first virtual switch based on the first VDC and wherein the first VDC provides a shared configuration for the first virtual switch and the service node for processing the network traffic forwarded to the service node by the first virtual switch.
16. The method of claim 15, further comprising: providing a second virtual switch of the network switch, wherein the second virtual switch includes a second set of physical ports assigned to the second virtual switch; and configuring a second VDC on the network switch and the service node, wherein the first port on the service node connects the service node to one of the second set of physical ports of the network switch, and wherein the service node is configured to process the network traffic forwarded by the second virtual switch based on the second VDC.
17. The method of claim 16, wherein the service node identifies incoming network traffic as forwarded by the first virtual switch or the second virtual switch of the network switch based on a port-VDC index.
18. The method of claim 17, wherein the service node either allows or prevents network traffic to flow between the first VDC and the second VDC via traffic forwarded to the service node for processing.
19. The method of claim 16, wherein the service node is configured to process network traffic forwarded by the network switch based on the first VDC or the second VDC based on the identification of which virtual switch forwarded the network traffic.
20. A computer readable storage medium which, when executed on a computer system performs operations for configuring a system for hosting network services, comprising: configuring a network switch having a first virtual switch, wherein the virtual switch includes a first set of physical ports assigned to the first virtual switch; configuring a service node that processes network traffic forwarded from the first virtual switch, wherein the service node has a first port connecting the service node to one of the first set of physical ports; and configuring a first virtual device context (VDC) on the network switch and the service node, wherein the service node is configured to process the network traffic forwarded by the first virtual switch based on the first VDC and wherein the first VDC provides a shared configuration for the first virtual switch and the service node for processing the network traffic forwarded to the service node by the first virtual switch.
21. The computer readable storage medium of claim 20, wherein the operations further comprise: creating, deleting, suspending, or restarting the VDC; and notifying the service node when the VDC is created, deleted, suspended, or restarted.
22. The computer readable storage medium of claim 20, wherein the operations further comprise: configuring the network switch, wherein the network switch has a second virtual switch, and wherein second virtual switch includes a second set of physical ports assigned to the second virtual switch; and configuring a second VDC on the network switch and the service node, wherein the first port on the service node connects the service node to one of the second set of physical ports of the network switch, and wherein the service node is configured to process the network traffic forwarded by the second virtual switch based on the second VDC.
23. The computer readable medium of claim 22, wherein the service node is configured to identify which virtual switch forwarded the network traffic based on a port-VDC index.
24. The computer readable medium of claim 23, wherein the service node is configured to either allow or permit the network traffic to flow between the first VDC and the second VDC via traffic forwarded to the service node for processing.
25. The computer readable medium of claim 23, wherein the service node is configured to process network traffic forwarded by the network switch based on the first VDC or the second VDC based on the identification of which virtual switch forwarded the network traffic.
Unknown
November 3, 2015